Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D074091ABD4AC0C45CE98A084B2572D23DA224081356C9D61467810DBB6180CD/0/34352e36382e32322e302f32342d3234203d3e20323732313336.roa
File:                     34352e36382e32322e302f32342d3234203d3e20323732313336.roa (raw, json)
Hash identifier:          dqpTNYdrjeBKx0T+MS9fiUWFouUt3Bsu8MeTCWmnpcw=
Subject key identifier:   05:3F:D5:C9:D4:60:C6:32:27:72:44:57:A3:66:03:8C:25:D4:4C:6B
Certificate issuer:       /CN=03CA54765F0951D369734386CF982D71F5CB5403
Certificate serial:       51EC380ACD558C78F654E94EA135EA9E61465448
Authority key identifier: 03:CA:54:76:5F:09:51:D3:69:73:43:86:CF:98:2D:71:F5:CB:54:03
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/03CA54765F0951D369734386CF982D71F5CB5403.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D074091ABD4AC0C45CE98A084B2572D23DA224081356C9D61467810DBB6180CD/0/34352e36382e32322e302f32342d3234203d3e20323732313336.roa
Signing time:             Tue 05 Mar 2024 17:52:16 +0000
ROA not before:           Tue 05 Mar 2024 17:47:16 +0000
ROA not after:            Tue 04 Mar 2025 17:52:16 +0000
asID:                     272136
IP address blocks:        45.68.22.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D074091ABD4AC0C45CE98A084B2572D23DA224081356C9D61467810DBB6180CD/0/03CA54765F0951D369734386CF982D71F5CB5403.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D074091ABD4AC0C45CE98A084B2572D23DA224081356C9D61467810DBB6180CD/0/03CA54765F0951D369734386CF982D71F5CB5403.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/03CA54765F0951D369734386CF982D71F5CB5403.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 26 Nov 2024 22:33:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:ec:38:0a:cd:55:8c:78:f6:54:e9:4e:a1:35:ea:9e:61:46:54:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03CA54765F0951D369734386CF982D71F5CB5403
        Validity
            Not Before: Mar  5 17:47:16 2024 GMT
            Not After : Mar  4 17:52:16 2025 GMT
        Subject: CN=053FD5C9D460C63227724457A366038C25D44C6B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:be:09:7f:64:f5:eb:55:bc:18:6d:1c:f3:81:
                    83:2a:f5:9f:05:ad:c9:4d:1b:74:db:40:a8:74:5e:
                    8c:df:fa:5d:06:45:8a:e9:34:40:96:35:3c:ba:0f:
                    71:d2:41:1d:44:ce:87:f0:eb:8e:7c:ad:24:68:47:
                    7b:03:1a:b8:cb:60:e7:f1:f0:7e:4b:61:7b:e5:5e:
                    7a:a9:1a:cb:69:b6:65:f2:9b:5b:c1:99:be:7a:6a:
                    82:32:4f:25:d0:cd:c8:f1:c3:6e:8f:04:45:cf:20:
                    b8:64:4f:58:ea:72:8c:80:45:bd:01:14:9c:69:40:
                    b9:4b:92:06:d7:8a:ad:3e:94:ab:1e:9d:87:f4:12:
                    76:62:6f:98:5f:ad:6c:41:ea:16:70:3b:e3:21:f0:
                    a4:6c:41:73:f8:9c:5d:04:f2:6d:52:1c:24:a0:8e:
                    16:7c:16:c3:a6:8d:ae:f1:af:eb:21:a4:3b:08:40:
                    14:bf:df:a8:f4:33:37:4b:0f:2f:9a:89:6f:43:17:
                    e4:aa:4a:ae:47:2c:ab:6f:c3:f2:08:93:e0:d8:0c:
                    b2:49:26:52:21:73:4b:60:23:bc:ce:65:33:a7:74:
                    74:08:31:73:c3:0c:7c:07:60:c3:7a:0a:14:84:b5:
                    d2:f8:80:8c:04:25:74:ce:db:72:89:c5:c2:7e:eb:
                    18:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:3F:D5:C9:D4:60:C6:32:27:72:44:57:A3:66:03:8C:25:D4:4C:6B
            X509v3 Authority Key Identifier:
                keyid:03:CA:54:76:5F:09:51:D3:69:73:43:86:CF:98:2D:71:F5:CB:54:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D074091ABD4AC0C45CE98A084B2572D23DA224081356C9D61467810DBB6180CD/0/03CA54765F0951D369734386CF982D71F5CB5403.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/03CA54765F0951D369734386CF982D71F5CB5403.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D074091ABD4AC0C45CE98A084B2572D23DA224081356C9D61467810DBB6180CD/0/34352e36382e32322e302f32342d3234203d3e20323732313336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.68.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:d0:49:24:47:25:fc:ad:de:1c:32:50:a6:6d:3f:3f:4c:6e:
         01:ae:d0:e2:72:61:41:d7:68:10:f6:23:3d:f1:b5:7e:e3:11:
         a7:85:78:85:a7:76:ad:6d:64:d0:02:55:fd:54:a1:11:a9:75:
         4d:bf:fc:6a:fc:4d:10:2a:4f:61:41:58:d8:a9:f8:43:02:45:
         4d:c6:c7:aa:8b:4a:d8:26:64:4f:97:db:c5:5d:b1:4c:1d:ec:
         6e:3e:17:2f:e0:2b:a2:22:a7:9b:5b:29:f0:2b:01:a5:38:66:
         66:55:fb:db:a1:7b:37:61:c8:1a:db:14:59:0b:0e:86:48:e7:
         1e:dd:2b:a9:f6:a0:6b:d3:ad:df:84:b0:22:a5:98:47:9c:40:
         d1:e4:e4:fc:fc:42:4e:bb:83:a0:3f:fb:af:79:79:93:f6:74:
         ee:33:72:96:65:a2:e4:db:9a:b6:4a:82:11:d3:5a:98:2d:99:
         f4:3c:4a:cf:48:10:ed:75:3e:7a:8e:ec:7c:a5:ef:38:86:c3:
         d1:1d:f4:d2:8c:9f:fc:0b:34:e7:8f:58:bc:7b:7e:30:85:89:
         9c:b3:94:b9:7d:88:f7:08:08:64:c6:6f:5e:a7:10:23:c5:99:
         f5:60:63:8a:2a:e8:25:59:87:fc:71:ef:5e:af:37:74:99:1e:
         2c:a1:cb:52
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUUew4Cs1VjHj2VOlOoTXqnmFGVEgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNDQTU0NzY1RjA5NTFEMzY5NzM0Mzg2Q0Y5ODJENzFG
NUNCNTQwMzAeFw0yNDAzMDUxNzQ3MTZaFw0yNTAzMDQxNzUyMTZaMDMxMTAvBgNV
BAMTKDA1M0ZENUM5RDQ2MEM2MzIyNzcyNDQ1N0EzNjYwMzhDMjVENDRDNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9vgl/ZPXrVbwYbRzzgYMq9Z8F
rclNG3TbQKh0Xozf+l0GRYrpNECWNTy6D3HSQR1Ezofw6458rSRoR3sDGrjLYOfx
8H5LYXvlXnqpGstptmXym1vBmb56aoIyTyXQzcjxw26PBEXPILhkT1jqcoyARb0B
FJxpQLlLkgbXiq0+lKsenYf0EnZib5hfrWxB6hZwO+Mh8KRsQXP4nF0E8m1SHCSg
jhZ8FsOmja7xr+shpDsIQBS/36j0MzdLDy+aiW9DF+SqSq5HLKtvw/IIk+DYDLJJ
JlIhc0tgI7zOZTOndHQIMXPDDHwHYMN6ChSEtdL4gIwEJXTO23KJxcJ+6xixAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUBT/VydRgxjInckRXo2YDjCXUTGswHwYDVR0j
BBgwFoAUA8pUdl8JUdNpc0OGz5gtcfXLVAMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMDc0MDkxQUJENEFDMEM0NUNFOThBMDg0QjI1NzJEMjNE
QTIyNDA4MTM1NkM5RDYxNDY3ODEwREJCNjE4MENELzAvMDNDQTU0NzY1RjA5NTFE
MzY5NzM0Mzg2Q0Y5ODJENzFGNUNCNTQwMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wM0NBNTQ3NjVGMDk1MUQzNjk3
MzQzODZDRjk4MkQ3MUY1Q0I1NDAzLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDA3NDA5MUFCRDRBQzBDNDVDRTk4QTA4NEIyNTcyRDIzREEyMjQwODEz
NTZDOUQ2MTQ2NzgxMERCQjYxODBDRC8wLzM0MzUyZTM2MzgyZTMyMzIyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMjM3MzIzMTMzMzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtRBYwDQYJ
KoZIhvcNAQELBQADggEBAKvQSSRHJfyt3hwyUKZtPz9MbgGu0OJyYUHXaBD2Iz3x
tX7jEaeFeIWndq1tZNACVf1UoRGpdU2//Gr8TRAqT2FBWNip+EMCRU3Gx6qLStgm
ZE+X28VdsUwd7G4+Fy/gK6Iip5tbKfArAaU4ZmZV+9uhezdhyBrbFFkLDoZI5x7d
K6n2oGvTrd+EsCKlmEecQNHk5Pz8Qk67g6A/+695eZP2dO4zcpZlouTbmrZKghHT
WpgtmfQ8Ss9IEO11PnqO7Hyl7ziGw9Ed9NKMn/wLNOePWLx7fjCFiZyzlLl9iPcI
CGTGb16nECPFmfVgY4oq6CVZh/xx716vN3SZHiyhy1I=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:00:11 2024 by rpki-client on console-ams.rpki-client.org